Items tagged with Adobe

Adobe Flash is going down! Flash has been a boil on the butt of the Internet for years, but we’ve just put up with it despite the often horrid performance and numerous security lapses. However, some recent high-priority hacks using Flash as a conduit have only increased the number of people calling for the demise of the most hated piece of software on the Internet. Twitch, the online game streaming giant, is the latest to announce that it will move away from using Flash (Google’s competing YouTube Gaming service debuted with HTML5 support). Twitch’s efforts to distance itself were aired earlier...Read more...

Has the time come to put Adobe's Flash Player plugin out of our misery? Facebook CSO Alex Stamos thinks so. In a series of Twitter posts, Stamos makes a plea for Adobe to set a date to euthanize Flash, allowing the web and Internet users at large to move on to better (and more secure) technologies. The question is, will Adobe do it?Probably not at the sole behest of Stamos, though he isn't the only one calling for an end to Flash. An anonymous group calling it Occupy Flash has been pushing for the same thing for the past few years. The Occupy Flash website has been tweeted out thousands of times,...Read more...

In the wake of recent security threats that have come to light, Mozilla has made the decision to block Adobe Flash content by default on all versions of its Firefox browser. Mark Schmidt, head of Firefox support at Mozilla and CEO of SupportHacker, announced the change via Twitter on Monday, adding that this is a temporary thing. "BIG NEWS!! All versions of Flash are blocked by default in Firefox as of now. To be clear, Flash is only blocked until Adobe releases a version which isn't being actively exploited by publicly known vulnerabilities," Schmidt said. This has been a bad month for Adobe and...Read more...

We reported last week on a new zero-day vulnerability in Adobe Flash that was revealed following the leak of data from the Italian hacking group "Hacking Team". It's hardly a surprise when such a vulnerability is found in either Flash or Java, and as sad as it is, it's not even surprising to learn that two more have been found. Oy! The latest vulnerabilities, named CVE-2015-5122 and CVE-2015-5123, are considered critical, and affect the Flash player on Windows, OS X, and Linux. A verbatim threat to last week's vulnerability, "successful...Read more...

This week, something nearly as common as breathing happened: a severe Adobe Flash vulnerability was revealed. How this one came to be, however, is far more interesting than most. Earlier this week, a well-known Italian hacking group called 'Hacking Team' was itself hacked. On Monday, the group's Twitter account was hijacked to post a link to a torrent file that includes about 400GB worth of its data. We're now finding out that this data could have huge repercussions for software vendors and regular consumers alike. Because Hacking Team's efforts largely revolve around exploiting bugs in popular...Read more...

Adobe's Flash Player has more holes than Swiss cheese, only Swiss cheese doesn't leave you vulnerable to hacker attacks. Flash Player often does, and yet again, there's a zero-day exploit that could allow an attacker to take control of an affected system. The discovered vulnerability and its severity has led to Adobe releasing an out-of-band security patch. This latest zero-day annoyance affects Flash Player 18.0.0.161 and earlier versions for Windows and Macintosh, Flash Player Extended Support Release version 13.0.0.292 and earlier 13.x versions for Windows and Macs, and Flash Player 11.2.202.466...Read more...

There are myriad of ways to improve the battery-life of a laptop, but one of the best is to disable CPU-intensive (or perhaps even GPU-intensive) browser plugins. Adobe's Flash is a perfect example of this. While Flash animations can be detrimental with regards to battery-life, it's made worse when an element in the background is running a video. It's just bad news, and Google realizes it all-too-well. That being the case, the company will soon be introducing a new feature to its Chrome Web browser that lets users disable all Flash content by default, or let Chrome decide which content should be...Read more...

Anyone who picked up the $9.99-per-month offer Adobe has been running for a subscription to its Photoshop and Lightroom software is about to enjoy one of its biggest benefits. Adobe just released Lightroom CC 2015 and mobile apps. Subscribers will be able to upgrade from Lightroom 5.7 to the new 2015 version by simply downloading the update. Say what you will about the software subscription model – having the latest software ready for you the minute it releases is pretty slick.As you’d expect from a new version, Lightroom Creative Cloud (CC) 2015 has some new capabilities. One of them is facial...Read more...

According to US-based security research firm FireEye, a Russian group it dubs APT28 is responsible for attacking a number of different government agency computers through exploitation of previously unknown vulnerabilities in Adobe Flash and Microsoft Windows. To exploit a vulnerable system, attackers took advantage of a buffer overflow issue in Flash through the use of malformed FLV files and gain remote code execution. On the Windows side, the core issue is a local escalation of privilege flaw which isn't critical by itself, but is made so when paired with the Flash vulnerability. As of the time...Read more...

Whenever a software flaw is discovered and is then patched, it's not often that we'll ever hear about it again (the exceptions are those that do big damage). It's even more rare when we end up hearing about a "medium" bug again four years later. Such is the case of a vulnerability affecting Adobe Flash (don't act surprised!) To be more specific, CVE-2011-2461 is tied to Adobe's Flex SDK, which developers can use to compile their Flash project for exporting to an .SWF file. In older versions of Flex (3.x and 4.x), compiled SWF files allow the injection of a script or HTML, which it can pull off...Read more...

Adobe is setting its sights on paper documents with its new Document Cloud. The service is meant to be an online hub for storing and sharing forms and other documents that are ordinarily filled out and signed by hand in many workplaces. Not surprisingly, the core of Document Cloud’s capabilities comes from Acrobat, known in this version as Acrobat DC. “People and businesses are stuck in document-based processes that are slow, wasteful, and fragmented,” said Bryan Lamkin, senior vice president of Technology and Corporate Development at Adobe in a statement. “While most forms of content have successfully...Read more...

Conventional wisdom in years past was that hackers didn’t bother to exploit Apple’s OS X operating system because its relatively insignificant market share didn’t warrant wasting resources to exploit it. The reasoning was, why bother with OS X when Windows was pushing over 90 percent of the worldwide OS market? However, in recent years, Apple has seen an uptick in Mac sales and pretty much dominates the field when it comes to notebooks priced over $1,000. The higher sales profile for Macs running OS X also means more attention from nefarious parties that are ready to strike. The latest report from...Read more...

Fashion retail chain Forever 21 has found itself the target of a lawsuit for allegedly making illegal copies of Photoshop and other software applications. Adobe, Autodesk Inc., and Corel Corp. are all three claiming copyright violations in the suit, accusing Forever 21 of making unauthorized copies of various software for use on multiple company computers. "Widespread use of illegal copies of Plaintiffs’ software products (commonly known as software piracy) has caused, and continues to cause, significant harm to Plaintiffs and undermines Plaintiffs’ investments in their products," the lawsuit reads...Read more...

At this point, I think it's safe to call the security level of Adobe's Flash player "asinine". Sometimes, it feels like full-blown OSes, such as Windows, have far fewer bugs. When is the last time you remember having to update your OS with an emergency patch? Now how about Adobe Flash? Exactly. Well, since Adobe didn't put it in its New Years' resolutions to release more secure software, this is a reality that's not going to change too soon. Yesterday, the company issued a patch for bug CVE-2015-0311, one that exposes a user's browser to become vulnerable to code injection, and the now infamous...Read more...